The Shellcoder's Handbook: Discovering and Exploiting Security Holes (+code) Date: 08 May 2011, 00:32
|
* This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application * New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista * Also features the first-ever published information on exploiting Cisco's IOS, with content that has never before been explored * The companion Web site features downloadable code files The black hats have kept up with security enhancements. Have you? In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your system-with disastrous results. In a nutshell, this book is about code and data and what happens when the two become confused. You'll work with the basic building blocks of security bugs-assembler, source code, the stack, the heap, and so on. You'll experiment, explore, and understand the systems you're running-and how to better protect them. * Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco's IOS * Learn how to write customized tools to protect your systems, not just how to use ready-made ones * Use a working exploit to verify your assessment when auditing a network * Use proof-of-concept exploits to rate the significance of bugs in software you're developing * Assess the quality of purchased security products by performing penetration tests based on the information in this book Table of Contents About the Authors Acknowledgments Introduction to the Second Edition Part I Introduction to Exploitation: Linux on x86 Chapter 1 Before You Begin Chapter 2 Stack Overflows Chapter 3 Shellcode Chapter 4 Introduction to Format String Bugs Chapter 5 Introduction to Heap Overflows Part II Other Platforms - Windows, Solaris, OS/X, and Cisco Chapter 6 The Wild World of Windows Chapter 7 Windows Shellcode Chapter 8 Windows Overflows Chapter 9 Overcoming Filters Chapter 10 Introduction to Solaris Exploitation Chapter 11 Advanced Solaris Exploitation Chapter 12 OS X Shellcode Chapter 13 Cisco IOS Exploitation Chapter 14 Protection Mechanisms Part III Vulnerability Discovery Chapter 15 Establishing a Working Environment Chapter 16 Fault Injection Chapter 17 The Art of Fuzzing Chapter 18 Source Code Auditing: Finding Vulnerabilities in C-Based Languages Chapter 19 Instrumented Investigation: A Manual Approach Chapter 20 Tracing for Vulnerabilities Chapter 21 Binary Auditing: Hacking Closed Source Software Part IV Advanced Materials Chapter 22 Alternative Payload Strategies Chapter 23 Writing Exploits that Work in the Wild Chapter 24 Attacking Database Software Chapter 25 Unix Kernel Overflows Chapter 26 Exploiting Unix Kernel Vulnerabilities Chapter 27 Hacking the Windows Kernel Index
|
DISCLAIMER:
This site does not store The Shellcoder's Handbook: Discovering and Exploiting Security Holes (+code) on its server. We only index and link to The Shellcoder's Handbook: Discovering and Exploiting Security Holes (+code) provided by other sites. Please contact the content providers to delete The Shellcoder's Handbook: Discovering and Exploiting Security Holes (+code) if any and email us, we'll remove relevant links or contents immediately.
|
|
|